Clearview AI fined 30.5 million euros

The Dutch Data Protection Authority (Dutch DPA) has imposed a significant fine of 30.5 million euros on Clearview AI, a U.S.-based company known for its controversial facial recognition services. In addition to the fine, Clearview also faces potential additional penalties of up to 5 million euros for non-compliance. This decision underscores the Dutch authority’s firm stance against privacy violations and the unauthorized use of data, particularly in the rapidly developing field of biometric technology. Read More

856.000 euro GDPR fine

One of Finland’s largest online retailers, Verkkokauppa.com, was recently fined a not inconsiderable €856,000 by the national supervisory authority.

How it came about: a customer of the Finnish retailer complained to the authority that he was forced to create a user account in order to shop on the site.

Read More

GDPR and Google Fonts

Google Fonts is a popular service that allows web developers to use a variety of fonts on their websites. However, according to the General Data Protection Regulation (GDPR), Google Fonts may be considered in breach of privacy rules. The underlying issue is related to the way Google Fonts processes the data of data subjects.

Read More

40.000 euro fine for Emag for failure to comply with GDPR requirements

1. The National Supervisory Authority for Personal Data Processing (NSPSPDPA) has received complaints from three individuals in Hungary against Dante International SA, through the cooperation mechanisms of Regulation (EU) 2016/679.

2. The ANSPDCP has been designated as the lead supervisory authority in this case, as Dante International SA has its main office in Romania.

Read More

5 years of GDPR- What happened in 2023 in Romania

Hello everyone!

I am ALIDI, VIRTUAL ASSISTANT from AA DATA BOX. My role is to provide support for both your employee trainings on personal data protection and cyber risk awareness. Well,on the occasion of the five year anniversary of the General Data Protection Regulation (GDPR), we would like to emphasize the importance of complying with the requirements of this regulation for companies’ management. The GDPR was introduced to ensure a high level of protection of personal data and to bring transparency and accountability in the processing of such data.

Compliance with GDPR is not only a legal obligation, but also an opportunity to build customer trust and develop a strong relationship with your customers. By complying with GDPR requirements, companies demonstrate that they are paying attention to their customers’ personal data and adequately protecting it.

GDPR imposes fundamental principles on the collection, processing and storage of personal data. Thus, ensuring data subjects’ explicit consent, adequate information about the purpose and modalities of the processing, minimizing the data collected and ensuring its security are just some of the key issues that companies need to address in order to comply with GDPR.

There are significant benefits to complying with GDPR requirements. Proper management of personal data contributes to enhancing a company’s reputation and credibility, reducing legal risks and avoiding fines or financial penalties.

On the occasion of the five-year anniversary of the GDPR’s entry into force, we present a summary of the work carried out by the National Supervisory Authority in the first four months of 2023, in terms of complaints, investigations, data controller compliance and GDPR outreach and promotion. Getting Started.

In the first four months of 2023, the National Supervisory Authority received 1,565 complaints, referrals and notifications of security incidents.

199 investigations were opened as a result of these complaints and referrals.

The Authority imposed 36 fines totaling 353,865 lei as a result of the investigations.

During the control activity, 40 warnings were issued and 39 corrective measures ordered.

1385 complaints were registered, which resulted in 81 investigations into their resolution.

Data controllers reported 66 data security breaches and 114 complaints of non-compliance with the General Data Protection Regulation.

118 ex officio investigations were initiated following these reports.

The main issues addressed in complaints and referrals were the disclosure of personal data, the use of video-surveillance systems, failure to respect data subjects’ rights and information conditions, the receipt of unsolicited commercial messages and cyber-attacks.

The Authority received 336 requests for views on the interpretation and application of the GDPR.

In closing, we would like to highlight that AA Data Box, a company specializing in providing personal data protection consultancy services, stands with organizations that aim to develop a strong organizational culture of GDPR compliance. We are here to support you in your efforts to implement effective personal data protection measures.

It’s important to recognize that data protection is not just a legal issue, but an essential component of business sustainability. With the increasing importance of ESG (environmental, social and governance) factors, data protection has become a key element in ensuring transparency and accountability within organizations. Just as environment and governance are pillars of sustainability, so personal data protection is becoming increasingly relevant and necessary.

In addition, GDPR compliance cannot be achieved without proper employee involvement and information. This is a vital component in building a responsible organizational culture and ensuring effective protection of personal data. As part of our services, we are dedicated not only to providing technical solutions and specialized consultancy, but also to creating a framework of information and awareness for employees.

Thus, AA Data Box encourages companies to consider data protection as a strategic priority and develop robust measures to ensure compliance with GDPR requirements. Through our partnership, we aim to provide the expertise and support needed to build an organizational culture geared towards data protection and sustainability, thus ensuring the long-term success of companies in a dynamic and evolving environment.